Re: openssh-server's default config is dangerous

To: debian-user@lists.debian.org
Subject: Re: openssh-server's default config is dangerous
From: Lisi Reisz <lisi.reisz@gmail.com>
Date: Tue, 12 Jul 2016 18:11:54 +0100
Message-id: <[🔎] 201607121811.54195.lisi.reisz@gmail.com>
In-reply-to: <[🔎] 20160712165329.GC4114@debian>
References: <[🔎] 20160712092610.GA6945@debian> <[🔎] 20160712120532.GA15892@e1030> <[🔎] 20160712165329.GC4114@debian>

On Tuesday 12 July 2016 17:53:29 mwnx wrote:
> > So, you're blaming a perfectly good (and reasonably secure) way of
> > remote access, but somehow assume that weak passwords are ok.
> > By that logic you should not stop there. Why not blame any remote access
> > mechanism that uses PAM for password checking as well?
>
> There are many kinds of systems on which weak passwords are OK. For
> instance, a home PC has no need whatsoever for a strong password. If
> someone breaks into my home, they have access to my data anyway; and
> the password is for local use only. If some malware gets into my
> computer, it can get the root password through keylogging.
>
> Note: this weak password can still be useful to protect my privacy
> from guests.

Then it is up to you to reconfigure anything that this attitude leaves 
insecure that you want secure.  (Why?  The break in scenario still applies.)

Lisi

Reply to:

References:
- openssh-server's default config is dangerous
  - From: mwnx <mwnx@gmx.com>
- Re: openssh-server's default config is dangerous
  - From: Reco <recoverym4n@gmail.com>
- Re: openssh-server's default config is dangerous
  - From: mwnx <mwnx@gmx.com>

Prev by Date: Re: openssh-server's default config is dangerous
Next by Date: Re: openssh-server's default config is dangerous
Previous by thread: Re: openssh-server's default config is dangerous
Next by thread: Re: openssh-server's default config is dangerous
Index(es):
- Date
- Thread